Joe Abley wrote:

What does "master name server" mean?

The (Domainz) database does actually distinguish the first name server listed as the "master" Mostly, this distinction doesn't have any real effect. It does however matter when the "public secondary" option is used, as it is this name server that will be used as the master for the secondary to query. I imagine this is the source of the confusion. I undersetand the SOA query will be done as a normal DNS query, so will go to whichever nameservers the local resolver cares to ask. 8-) -- don --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

Joe Abley wrote:-

More than likely. Moving back to the case in hand, however, if you're going to notify nameserver operators when the nameservers start or stop being supposedly authoritative for a zone, you might as well do all of them. Why just notify the operator of the (arbitarily-designated) master nameserver?

Domainz does not know which (if any) of the name servers submitted to the registry is a master for the domain name concerned. Nor do they need to know in order to delegate, so its irrelevant. They do need to discover the soa for the name server configured as master (or primary master if there is more than one master), so they can notify the admin of the change. The soa admin will then notify any other admins providing slave name service if outside their own network. A query with type = soa on the domain in question using any of the specified name servers will return the name server configured as primary master for the domain. A second lookup to obtain the soa email address of the zone the name server (referred to in the first query) is within will get you to the correct person. Make any other assumption and you may not be notifying the correct person. Would somebody like to clear up who to notify when the primary master buffoon becomes a slave to master buffonery? :-) Regards Peter Mott Chief Enthusiast 2day.com -/- --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

On Thu, May 18, 2000 at 06:20:23PM +1200, Geoff Thompson wrote:

In an SOA record for a domain, the 'primary' or 'master' nameserver is listed, next to the admin email address for the domain.

There is some confusion in nomenclature here. RFC1033 says: SOA (Start Of Authority) <name> [<ttl>] [<class>] SOA <origin> <person> ( <serial> <refresh> <retry> <expire> <minimum> ) The Start Of Authority record designates the start of a zone. The zone ends at the next SOA record. <name> is the name of the zone. <origin> is the name of the host on which the master zone file resides. RFC1033 does not refer to "master nameservers", but a "master zone file". The terms "primary", "secondary", "master" and "slave" are (afaik) BIND- specific terms and are concerned with the manner in which authoritative zone data is obtained for a particular nameserver. A "master" or "primary" nameserver obtains authoritative zone data from a file, a "slave"/"secondary" performs a zone transfer from one of a set of "master" nameservers. Of all the nameservers that are authoritative for a zone, at least one of them will be a "master" in the BIND sense. All of them might be masters. Some of them might be slaves. However, as far as the DNS is concerned, the manner in which authoritative zone data arrives at authoritative nameservers is irrelevant.

I'm not sure if the primary server field is just informational or actually used by the nameserver, but it used to be checked by the old registry system, and also indicated to ns1.waikato.ac.nz as to where to zone-transfer a zone file from.

I think it's informational, as you have probably gathered :) I am quite possibly wrong on that point, of course :)

If someone want to setup a shadow primary, and have only the secondaries listed, I guess they have to list one of their secondary servers in the SOA record instead, and not let the registry know of their primary server.

I don't think so. I don't think there's a requirement to have the origin host (as specified in the SOA) listed in an NS record for the zone. Joe --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog

From: Don Stokes Date: Thu, 18 May 2000 23:20:27 +1200

BIND does actually make use of it when sending notification messages to secondaries. Notifications are sent to all nameservers listed in the NS records for the zone, *except* the nameserver listed as the origin in the SOA.

I believe BIND will also log a warning if it receives a notification message from an address that doesn't match the origin in the SOA. cheers mark --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog